I installed Discord with the wrong installer from a discord search.
I used MBAM to remove the infection I hope, but it found 37 things, and I worry that I missed one.
Here are the 2 FRST64 log files
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2021
Ran by synde (administrator) on MSI (Micro-Star International Co., Ltd. Bravo 17 A4DDR) (14-05-2021 02:57:49)
Running from C:\Users\synde\Desktop
Loaded Profiles: synde
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356396.inf_amd64_383feb4787ca17a2\B356520\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356396.inf_amd64_383feb4787ca17a2\B356520\atiesrxx.exe
(A-Volute SAS -> A-Volute) C:\Users\synde\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.108.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.3.48\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.3.48\nsWscSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe [1211184 2020-12-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-737473049-2190378563-2405002469-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\WINDOWS\system32\hpinksts7012LM.dll [328704 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8620): C:\WINDOWS\system32\HPDiscoPM7012.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E0A4983-992B-4403-BD9E-2FB0D414502A} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {2E5A3FAE-E17A-4C7A-8A4B-D316345CB1D9} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [1072248 2020-06-01] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {3BF81762-D6AF-47DD-9803-EC531F15959C} - System32\Tasks\MSILEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1510576 2020-06-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {41489EA3-6E07-4AA5-BE7B-6F5C783BB12F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {65C934DF-AF73-4EF1-94D7-2A7E97A419C5} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2345120 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {AAA27194-DF58-4910-BD8F-651BC6AE1AD9} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe [115640 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {AC1641D8-4335-4958-91CF-502EDE2EC935} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {AEB80F48-D27D-42DE-BC98-5E3E292FB70F} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {B1324C2F-173A-4E42-A78B-98035C9046A3} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.3.48\WSCStub.exe [643584 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {B595AA78-B21F-460E-AD5C-303970F9114E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {BBAA08EA-104A-4734-84EA-289B39BBB223} - System32\Tasks\OneDC_Updater => C:\Users\synde\Documents\temp\OneDC_Updater\OneDC_Updater.exe [5312632 2020-03-30] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {BF6F8680-56DF-49A6-819D-82B76C8E53F4} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {C1C7FECA-66C7-45BD-B521-3E22ED03D0FB} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe [115640 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {D18FA010-2160-4554-8790-95912F7DA771} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D966F34B-6ABB-4B5D-A76C-0430C24BF907} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-737473049-2190378563-2405002469-1001_0 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [412160 2021-05-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DB82F055-0E27-4E4B-A340-61B18A1C72D7} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe [115640 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E15DE072-278E-40BC-BE5C-08CCB349093E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF281D20-570D-44DA-B1D4-D2CFA1108142} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [42640 2020-06-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {F33E5576-C870-4A3A-A050-25FF5BA4D964} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {FDE106E7-122F-4687-9139-7BC7C9B539CD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE02494D-2B6B-4593-8D32-0EE83AB637FA} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.86.1
Tcpip\..\Interfaces\{8022a26b-7b3b-425d-89c6-d8054b60f833}: [DhcpNameServer] 192.168.86.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\synde\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-14]
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [85136 2020-03-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [60880 2020-06-05] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Sendevsvc; C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe [306808 2020-05-11] (Micro-Star International CO., LTD. -> )
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [144528 2019-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [115344 2020-06-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [35504 2020-04-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1633288 2020-12-09] (A-Volute SAS -> Nahimic)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.3.48\NortonSecurity.exe [343336 2021-04-30] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.3.48\nsWscSvc.exe [1055048 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe [1211184 2020-12-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 VoiceControlService; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32432 2020-02-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20210420.013\BHDrvx64.sys [1995864 2021-03-16] (Symantec Corporation -> Broadcom)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\ccSetx64.sys [192248 2021-04-30] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-02-17] (Symantec Corporation -> Broadcom)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153672 2021-02-18] (Symantec Corporation -> Broadcom)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20210423.061\IDSvia64.sys [1488976 2021-04-14] (Symantec Corporation -> Broadcom)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-01-17] (A-Volute -> Windows ® Win 7 DDK provider)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\nsvst.sys [56912 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\SRTSP64.SYS [890464 2021-04-30] (Symantec Corporation -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\SRTSPX64.SYS [50272 2021-04-30] (Symantec Corporation -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\SYMEFASI64.SYS [2062424 2021-04-30] (Symantec Corporation -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\SymELAM.sys [25080 2021-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99848 2020-07-07] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [712424 2020-08-01] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\Ironx64.SYS [316488 2021-04-30] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\symnets.sys [575328 2021-04-30] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615030.030\wpCtrlDrv.sys [1013792 2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-14 02:57 - 2021-05-14 02:58 - 000019046 _____ C:\Users\synde\Desktop\FRST.txt
2021-05-14 02:39 - 2021-05-14 02:39 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2021-05-14 02:39 - 2021-05-14 02:39 - 000000000 ____D C:\Users\synde\AppData\Local\CrashDumps
2021-05-14 02:38 - 2021-05-14 02:38 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-737473049-2190378563-2405002469-1001_0
2021-05-14 02:37 - 2021-05-14 02:37 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-14 02:37 - 2021-05-14 02:37 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-14 02:37 - 2021-05-14 02:37 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-14 02:33 - 2021-05-14 02:33 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-14 02:33 - 2021-05-14 02:33 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-14 02:33 - 2021-05-14 02:33 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-14 02:33 - 2021-05-14 02:33 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-14 02:33 - 2021-05-14 02:33 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-14 02:33 - 2021-05-14 02:33 - 000000000 ____D C:\Users\synde\AppData\Local\mbam
2021-05-14 02:32 - 2021-05-14 02:32 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-14 02:32 - 2021-05-14 02:32 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-14 02:32 - 2021-05-14 02:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-14 02:32 - 2021-05-14 02:32 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-14 02:31 - 2021-05-14 02:31 - 002078632 _____ (Malwarebytes) C:\Users\synde\Downloads\MBSetup.exe
2021-05-14 02:31 - 2021-05-14 02:31 - 002078632 _____ (Malwarebytes) C:\Users\synde\Downloads\MBSetup (1).exe
2021-05-14 02:27 - 2021-05-14 02:58 - 000000000 ____D C:\FRST
2021-05-14 02:25 - 2021-05-14 02:26 - 002299392 _____ (Farbar) C:\Users\synde\Desktop\FRST64.exe
2021-05-14 02:25 - 2021-05-14 02:25 - 002299392 _____ (Farbar) C:\Users\synde\Downloads\Unconfirmed 669051.crdownload
2021-05-14 02:25 - 2021-05-14 02:25 - 002299392 _____ (Farbar) C:\Users\synde\Downloads\Unconfirmed 439915.crdownload
2021-05-14 02:25 - 2021-05-14 02:25 - 002299392 _____ (Farbar) C:\Users\synde\Downloads\Unconfirmed 343513.crdownload
2021-05-14 02:00 - 2021-05-14 02:35 - 000000000 ____D C:\Users\synde\AppData\Roaming\Digital Protection Services S.R.L
2021-05-14 02:00 - 2021-05-14 02:00 - 062636856 _____ (Discord Inc.) C:\Users\synde\Downloads\Discord.exe
2021-05-14 02:00 - 2021-05-14 02:00 - 000016438 _____ C:\Users\synde\AppData\Local\partner.bmp
2021-05-14 01:59 - 2021-05-14 02:37 - 000000000 ____D C:\ProgramData\OrdinaryVanoLength
2021-05-14 01:53 - 2021-05-14 01:53 - 000000000 ____D C:\ProgramData\EarthInstaller
2021-05-14 00:26 - 2021-05-14 00:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-05-11 02:29 - 2021-05-10 22:33 - 000000000 ____D C:\Windows.old
2021-05-11 02:28 - 2021-05-11 02:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-05-11 02:27 - 2021-05-11 02:28 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-05-11 02:27 - 2021-05-11 02:27 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-05-11 02:26 - 2021-05-11 02:26 - 000000000 ____D C:\ProgramData\ssh
2021-05-11 02:23 - 2021-05-11 02:23 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-05-11 02:23 - 2021-05-11 02:23 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-11 02:23 - 2021-05-11 02:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-11 02:23 - 2021-05-11 02:23 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-11 02:23 - 2021-05-11 02:23 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-11 02:23 - 2021-05-11 02:23 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-11 02:23 - 2021-05-11 02:23 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-11 02:23 - 2021-05-11 02:23 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-05-11 02:23 - 2021-05-11 02:23 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-05-11 02:23 - 2021-05-11 02:23 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-05-11 02:23 - 2021-05-11 02:23 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-11 02:23 - 2021-05-11 02:23 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-05-11 02:23 - 2021-05-11 02:23 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-11 02:23 - 2021-05-11 02:23 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-05-11 02:23 - 2021-05-11 02:23 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-05-11 02:23 - 2021-05-11 02:23 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-05-11 02:23 - 2021-05-11 02:23 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-05-11 02:23 - 2021-05-11 02:23 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-05-11 02:23 - 2021-05-11 02:23 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-11 02:23 - 2021-05-11 02:23 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-05-11 02:23 - 2021-05-11 02:23 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-05-11 02:23 - 2021-05-11 02:23 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-05-11 02:23 - 2021-05-11 02:23 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-05-11 02:23 - 2021-05-11 02:23 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-05-11 02:23 - 2021-05-11 02:23 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-05-11 02:23 - 2021-05-11 02:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-05-11 02:23 - 2021-05-11 02:23 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-05-11 02:23 - 2021-05-11 02:23 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-11 02:23 - 2021-05-11 02:23 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-05-11 02:23 - 2021-05-11 02:23 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-05-11 02:23 - 2021-05-11 02:23 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-05-11 02:23 - 2021-05-11 02:23 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-11 02:23 - 2021-05-11 02:23 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-11 02:23 - 2021-05-11 02:23 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-05-11 02:23 - 2021-05-11 02:23 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-05-10 22:35 - 2021-05-10 22:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-05-10 22:34 - 2021-05-14 02:42 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-10 22:33 - 2021-05-14 02:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2021-05-10 22:33 - 2021-05-14 02:38 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-05-10 22:33 - 2021-05-14 02:38 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-05-10 22:33 - 2021-05-14 02:38 - 000003088 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-05-10 22:33 - 2021-05-14 02:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-10 22:33 - 2021-05-10 22:36 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-737473049-2190378563-2405002469-1001
2021-05-10 22:33 - 2021-05-10 22:33 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-05-10 22:33 - 2021-05-10 22:33 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-05-10 22:33 - 2021-05-10 22:33 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-10 22:33 - 2021-05-10 22:33 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2021-05-10 22:33 - 2021-05-10 22:33 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-10 22:33 - 2021-05-10 22:33 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-737473049-2190378563-2405002469-500
2021-05-10 22:33 - 2021-05-10 22:33 - 000002826 _____ C:\WINDOWS\system32\Tasks\OneDC_Updater
2021-05-10 22:33 - 2021-05-10 22:33 - 000002388 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-05-10 22:33 - 2021-05-10 22:33 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2021-05-10 22:33 - 2021-05-10 22:33 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2021-05-10 22:33 - 2021-05-10 22:33 - 000002278 _____ C:\WINDOWS\system32\Tasks\OmApSvcBroker
2021-05-10 22:33 - 2021-05-10 22:33 - 000002254 _____ C:\WINDOWS\system32\Tasks\MSILEDKeeper2_Host
2021-05-10 22:33 - 2021-05-10 22:33 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2021-05-10 22:33 - 2021-05-10 22:33 - 000000020 ___SH C:\Users\synde\ntuser.ini
2021-05-10 22:33 - 2020-07-07 19:25 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3813482199-2967970838-579574770-500
2021-05-10 22:33 - 2019-11-13 13:43 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3246922579-2884849309-941848276-500
2021-05-10 22:31 - 2021-05-10 22:31 - 000000252 ____H C:\WINDOWS\Tasks\MSISW_Host.job
2021-05-10 22:31 - 2021-05-10 22:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2021-05-10 22:30 - 2021-05-10 22:36 - 000002370 _____ C:\Users\synde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-10 22:30 - 2021-05-10 22:33 - 000000000 ____D C:\Users\synde
2021-05-10 22:29 - 2021-05-14 02:37 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-10 22:29 - 2021-05-11 00:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-10 22:29 - 2021-05-10 22:29 - 000580488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-14 02:57 - 2020-07-07 20:06 - 000000000 ____D C:\ProgramData\Common
2021-05-14 02:52 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-14 02:42 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-14 02:37 - 2021-01-07 01:00 - 000000000 ____D C:\Users\synde\AppData\Roaming\com.silhouettesoftware
2021-05-14 02:37 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-14 02:32 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-14 01:35 - 2021-01-07 00:38 - 000000000 ____D C:\Users\synde\AppData\Local\D3DSCache
2021-05-14 01:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-14 00:37 - 2019-11-13 13:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 00:19 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-11 02:29 - 2021-01-09 21:16 - 000000000 ____D C:\Program Files\UNP
2021-05-11 02:29 - 2020-07-07 18:42 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2021-05-11 02:29 - 2019-12-07 05:18 - 000000000 ____D C:\WINDOWS\Setup
2021-05-11 02:29 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-05-11 02:29 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-05-11 02:29 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-05-11 02:29 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-11 02:29 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-11 02:29 - 2019-11-13 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-11 02:29 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-05-11 02:29 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-05-11 02:28 - 2021-03-10 01:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-05-11 02:28 - 2021-01-07 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embrilliance
2021-05-11 02:28 - 2021-01-07 00:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silhouette America
2021-05-11 02:28 - 2020-07-07 18:39 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-05-11 02:26 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-05-11 02:26 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\IME
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-11 02:26 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-05-11 02:26 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-11 02:25 - 2019-12-07 05:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-11 02:25 - 2019-12-07 05:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-05-10 23:31 - 2021-01-07 01:00 - 000000000 ____D C:\ProgramData\com.aspexsoftware.Silhouette_Studio.8
2021-05-10 23:29 - 2021-01-10 01:08 - 000000000 ____D C:\Users\synde\Documents\Silouhette
2021-05-10 23:27 - 2021-01-07 01:01 - 000000000 ____D C:\Users\synde\AppData\Roaming\com.aspexsoftware.ss_bluetooth
2021-05-10 23:27 - 2021-01-07 01:00 - 000000000 ____D C:\Users\synde\AppData\Roaming\com.silhouettesoftware.scratch.1
2021-05-10 22:57 - 2021-01-07 01:06 - 000000000 ____D C:\Program Files\Common Files\AV
2021-05-10 22:49 - 2021-01-07 00:38 - 000000000 ____D C:\Users\synde\AppData\Local\Packages
2021-05-10 22:49 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-10 22:36 - 2021-01-07 00:40 - 000000000 ___RD C:\Users\synde\OneDrive
2021-05-10 22:35 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-10 22:34 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-05-10 22:33 - 2021-04-02 23:24 - 000000000 ___DC C:\WINDOWS\Panther
2021-05-10 22:33 - 2021-01-07 00:38 - 000000000 ___RD C:\Users\synde\3D Objects
2021-05-10 22:33 - 2021-01-07 00:04 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-10 22:33 - 2021-01-07 00:04 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-10 22:33 - 2021-01-07 00:04 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-10 22:33 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-10 22:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-10 22:33 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-05-10 22:33 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-10 22:33 - 2019-11-13 13:43 - 000000000 ____D C:\ProgramData\Packages
2021-05-10 22:33 - 2019-11-13 13:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-05-10 22:31 - 2020-07-07 19:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2021-05-10 22:31 - 2019-12-07 05:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-05-10 22:30 - 2021-02-17 23:18 - 000000000 ____D C:\Users\synde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-05-10 22:29 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-10 22:29 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-05-09 22:02 - 2019-11-13 15:05 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-25 16:07 - 2020-07-07 18:42 - 000000000 ____D C:\ProgramData\A-Volute
==================== Files in the root of some directories ========
2021-01-07 01:00 - 2021-01-07 01:00 - 000000008 _____ () C:\Users\synde\AppData\Roaming\com.silhouettesoftware.id
2021-05-14 02:00 - 2021-05-14 02:00 - 000016438 _____ () C:\Users\synde\AppData\Local\partner.bmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by synde (14-05-2021 03:00:17)
Running from C:\Users\synde\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-05-11 02:33:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-737473049-2190378563-2405002469-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-737473049-2190378563-2405002469-503 - Limited - Disabled)
Guest (S-1-5-21-737473049-2190378563-2405002469-501 - Limited - Disabled)
synde (S-1-5-21-737473049-2190378563-2405002469-1001 - Administrator - Enabled) => C:\Users\synde
WDAGUtilityAccount (S-1-5-21-737473049-2190378563-2405002469-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Norton Security (Disabled - Out of date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Disabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.06.12.340 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.10.23.01 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{0488acd8-8b22-4ac2-9f09-e99122912fa8}) (Version: 2.06.12.340 - Advanced Micro Devices, Inc.) Hidden
Embrilliance version BriTon Leap Embrilliance 1.168 (HKLM\...\{CD06BE8E-4E09-4FC6-9098-94F0D6FE86F1}_is1) (Version: BriTon Leap Embrilliance 1.168 - BriTon Leap, Inc.)
ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{978E8FD1-5778-47EF-91A4-F891DA415DDE}) (Version: 1.0.4.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{587316c6-4804-4857-af01-1f2f78d4a0e5}) (Version: 1.0.4.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.1.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{20610ecc-e094-423e-af0c-7d0bcfe117e9}) (Version: 1.0.1.0 - ENE TECHNOLOGY INC.) Hidden
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Malwarebytes version 4.3.3.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13929.20296 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-737473049-2190378563-2405002469-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.150.10.6302 - BlueStack Systems, Inc.)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2006.0501 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2006.0501 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 1.0.0.43 - MSI)
Norton Security (HKLM-x32\...\NGC) (Version: 22.21.3.48 - NortonLifeLock Inc)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.36.701.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
Silhouette Studio (HKLM\...\{4500D64E-50EC-4E70-8CF3-FB524469C01C}) (Version: 4.4.463 - Silhouette America)
SSO (HKLM-x32\...\SSO) (Version: 1.8.7.7 - Ordinary Vano Length.)
Zoom (HKU\S-1-5-21-737473049-2190378563-2405002469-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10027.0_x64__0a9344xs7nr4m [2021-05-10] (Advanced Micro Devices Inc.) [Startup Task]
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2020-07-07] (CyberLink)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2020-07-07] (CyberLink)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.108.0_x64__kzh8wxbdkxb8p [2021-05-09] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-07-07] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-09] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-14] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.2.10190.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-01-07] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.6.5.0_x64__w2gh52qy24etm [2021-04-25] (A-Volute)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2020-07-07] (CyberLink)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2020-07-07] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2021-03-09] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-14] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-737473049-2190378563-2405002469-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\synde\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.3.48\NavShExt.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.3.48\NavShExt.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.3.48\buShell.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.3.48\NavShExt.dll [2021-04-30] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-07-07 19:03 - 2020-07-07 19:03 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.108.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2019-07-02 18:07 - 2019-07-02 18:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-737473049-2190378563-2405002469-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-737473049-2190378563-2405002469-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=NMTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 00:49 - 2019-03-19 00:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-737473049-2190378563-2405002469-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\System32\oobe\info\Wallpaper\backgroundDefault.jpg
DNS Servers: 192.168.86.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C04CB391-BEAE-4A5B-9C49-D33B38257884}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{739C0C0A-2710-402B-85A4-B006E2D038AE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7AA7C9FB-7397-467D-8CC7-F26E968F2E96}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{669E5D16-6A33-4986-95DA-38F9AB338103}] => (Allow) LPort=5357
FirewallRules: [{EB38EC50-EA1B-4219-ABE6-B571C9CDFAE1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{3E1E73FE-E76C-4CA1-B9E1-ED2457DB473B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{CB154080-70A8-4B3A-A94D-950FE6DA4FF7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{528DC95F-D1B2-4B36-917D-D0BD79EB3B65}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{1E581001-46F1-4324-A3CA-7EC96814DF9C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2258EDBB-7A4A-4D66-908B-29A3E43BC3CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{361F4BD3-3A7A-46CF-9F33-B90EC590D1E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{475C10A8-C6C5-423B-A441-A19091A7BBEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D4ACCE76-2330-445A-870B-CA8480E6AC68}] => (Allow) C:\Users\synde\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FCEE3622-6686-451A-9303-207E093160E1}] => (Allow) C:\Users\synde\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{722DE868-D88E-4D0B-BDB9-55514FC9899E}] => (Allow) C:\Users\synde\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C3E4F76F-B0B0-447F-ABEB-B4169D6E0EB5}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{95329D7F-563A-4A4C-9A51-258B1B86BC19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{51A5C0E0-CA02-4032-83C8-D46357AA11AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{582D3173-5A86-4FDB-A49E-69C9E5158907}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E360A6E-958B-4556-B6A4-150E1EAA05F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3EF72C13-FFB1-496D-A852-AF918AE7FE2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DDB6E21A-6C1A-42A6-B767-F7DE5B7D99DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22CD9835-A754-4634-BE97-37BF18447C72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94708E64-F685-4C82-9BF4-05BED922E2FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA29A830-2BDD-4C34-B619-45E3B174898D}] => (Allow) LPort=32682
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:455.75 GB) (Free:383.1 GB) (84%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/14/2021 02:57:44 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
Error: (05/14/2021 02:39:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.987, time stamp: 0x60894603
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0x850
Faulting application start time: 0x01d7488bbb21e438
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 8a83376c-db35-41b9-b77d-bb12104b34e6
Faulting package full name:
Faulting package-relative application ID:
Error: (05/14/2021 02:38:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MSI.CentralServer.exe, version: 1.0.0.43, time stamp: 0x5ed627e7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x050e21b9
Faulting process id: 0x20b0
Faulting application start time: 0x01d7488bbc57c478
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
Faulting module path: unknown
Report Id: 2f366e4a-aeca-4de5-875e-888955a5f5ac
Faulting package full name:
Faulting package-relative application ID:
Error: (05/14/2021 02:38:47 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MSI.CentralServer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at MSI.CentralServer.C_OnlineData.Override_Define()
at MSI.CentralServer.Program.Main(System.String[])
Error: (05/10/2021 10:34:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchApp.exe, version: 10.0.19041.844, time stamp: 0x69441820
Faulting module name: ConstraintIndex.Search.dll, version: 10.0.19041.746, time stamp: 0xd439ca93
Exception code: 0xc0000005
Fault offset: 0x000000000003f170
Faulting process id: 0x2e40
Faulting application start time: 0x01d7460e18cff830
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Faulting module path: C:\Windows\System32\ConstraintIndex.Search.dll
Report Id: 7c138307-d557-4c5c-b6fc-970b4bd38c9b
Faulting package full name: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (05/10/2021 10:34:10 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
Error: (05/10/2021 10:34:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MSI.CentralServer.exe, version: 1.0.0.43, time stamp: 0x5ed627e7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x05e30c31
Faulting process id: 0x252c
Faulting application start time: 0x01d7460e12ac2072
Faulting application path: C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
Faulting module path: unknown
Report Id: 554fdf40-fe9e-4e6b-b449-268276fc1727
Faulting package full name:
Faulting package-relative application ID:
Error: (05/10/2021 10:34:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MSI.CentralServer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at MSI.CentralServer.C_OnlineData.Override_Define()
at MSI.CentralServer.Program.Main(System.String[])
System errors:
=============
Error: (05/14/2021 02:39:37 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (05/14/2021 02:38:51 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (05/14/2021 01:01:39 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (05/14/2021 12:20:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.
Error: (05/14/2021 12:19:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
Error: (05/14/2021 12:16:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.
Error: (05/14/2021 12:16:10 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (05/10/2021 10:35:21 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2021-05-14 01:36:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2021-05-14 02:40:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.3.48\symamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E17FKAMS.116 07/10/2020
Motherboard: Micro-Star International Co., Ltd. MS-17FK
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 62%
Total physical RAM: 7579.23 MB
Available physical RAM: 2834.86 MB
Total Virtual: 15259.23 MB
Available Virtual: 9704.9 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:455.75 GB) (Free:383.1 GB) NTFS
\\?\Volume{fe7903ac-fb1b-4658-a901-fbe75a63bfe5}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.45 GB) NTFS
\\?\Volume{deb3867f-3ce0-4023-8dda-f5394939417a}\ (BIOS_RVY) (Fixed) (Total:19.9 GB) (Free:0.69 GB) NTFS
\\?\Volume{e4059a51-f2dc-4372-90af-b2e11e799b8b}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 787435D1)
Partition: GPT.
==================== End of Addition.txt =======================